EP4268109A1 - Verfahren und vorrichtung zur steuerung des zugriffs auf einen dienst unter verwendung einer blockchain - Google Patents

Verfahren und vorrichtung zur steuerung des zugriffs auf einen dienst unter verwendung einer blockchain

Info

Publication number
EP4268109A1
EP4268109A1 EP21845104.5A EP21845104A EP4268109A1 EP 4268109 A1 EP4268109 A1 EP 4268109A1 EP 21845104 A EP21845104 A EP 21845104A EP 4268109 A1 EP4268109 A1 EP 4268109A1
Authority
EP
European Patent Office
Prior art keywords
service
user
access
pair
cryptographic keys
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP21845104.5A
Other languages
English (en)
French (fr)
Other versions
EP4268109B1 (de
EP4268109C0 (de
Inventor
Thierry Roger
Trinity POINTARD
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ALTEN
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of EP4268109A1 publication Critical patent/EP4268109A1/de
Application granted granted Critical
Publication of EP4268109B1 publication Critical patent/EP4268109B1/de
Publication of EP4268109C0 publication Critical patent/EP4268109C0/de
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party

Definitions

  • the present invention relates to communication networks implementing a chain of blocks (or "Blockchain”), and more specifically to access to a service using such a chain of blocks.
  • Blockchain a chain of blocks
  • a blockchain is a technology implemented in a peer-to-peer network to transmit and store information contained in blocks without a control body. Each block is added to the other blocks of the same chain after a consensus between peers, that is to say after each peer (or network node) has verified and then validated it.
  • a block after validation and verification, is added to an existing chain, it stores "in it” a digital fingerprint (or "hash") used to identify the block previously added to this chain of blocks from an initial piece of data, in order to establish the link that connects it to the rest of the blockchain. It is thus possible to carry out secure, irrefutable and long-lasting exchanges in a chain of blocks, which makes it possible to obtain a decentralized network (i.e. without a control body), transparent, secure, reliable and anonymous.
  • Hyperledger Fabric private and allowing to delimit roles between peers (or nodes), to offer consensus services and decentralized applications, and to program smart contracts (or “chaincodes” - programs capable of carrying out several types of transactions with each other), “Ethereum” (public) and “Bitcoin” (public).
  • peer nodes In a network implementing a Hyperledger Fabric-type blockchain, peer nodes (or “peer nodes”) coexist that execute smart contracts (or chaincodes), access ledger data, approve transactions and act as intermediaries with third parties. applications or services, and author nodes (or “orderer nodes”) that ensure blockchain consistency and deliver approved transactions to network peers and membership service providers (or MSPs (“Managed Service Providers”) - certificate authorities managing the X.509 certificates used to authenticate member identities and roles).
  • smart contracts or chaincodes
  • access ledger data approve transactions and act as intermediaries with third parties.
  • applications or services and author nodes (or “orderer nodes”) that ensure blockchain consistency and deliver approved transactions to network peers and membership service providers (or MSPs (“Managed Service Providers”) - certificate authorities managing the X.509 certificates used to authenticate member identities and roles).
  • MSPs Managed Service Providers
  • the invention relates more specifically to methods for accessing a chain of blocks from a user identity provided by an identity provider (or "Identity Provider").
  • the invention is intended to exploit the context of a client (or user) to allow the latter to access a chain of blocks, implemented in a communication network, from an authentication of this user and without storing the aforementioned data.
  • the control method according to the invention may comprise other characteristics which may be taken separately or in combination, and in particular: - In its step, the first communication device can connect to a second communication device responsible for carrying out the authentication; - in its step, you can initialize a cryptographic random generator (for example of the chacha20 type) with secret information and the user identifier in order to obtain a random number, then you can generate the pair of cryptographic keys from this obtained random; - in the presence of the previous option, in its step, before initialization, when the secret information has a size greater than a predefined size, this secret information can be compressed (for example by means of a cryptographic hash function) so that it has this predefined size; - in its step the user can provide the first service with the pair of generated cryptographic keys, one of which is a certificate representing a certified public key, in order to access the first service.
  • a cryptographic random generator for example of the chacha20 type
  • the invention also proposes a computer program downloadable from a communication network and/or recorded on a computer-readable medium and/or executable by at least one processor.
  • This computer program is characterized in that it comprises instructions for the execution of the steps of a control method of the type presented above, when it is executed on at least one processor-based device ( s) or at least one computer.
  • the invention also proposes a control device intended to control access to a first service using a chain of blocks implemented in a communication network.
  • the aim of the invention is in particular to propose a control method, and an associated control device 1, intended to allow the control of a user's access to a first service using a chain of blocks (or blockchain) implemented works in a communication network 2 comprising nodes 3-j.
  • This communication equipment can be mobile smart phones (or “smartphones”), electronic tablets, servers, or computers (desktop or portable), for example.
  • a node 3-j is also a communication device, but belonging to the communication network 2.
  • the communication equipment 4 is a mobile smart phone belonging to a user, client of the chain of blocks implemented in the communication network 2 and used by at least a first service, and comprising at least a part of a control device 1 according to the invention, to which we will return later.
  • the control method, according to the invention, is implemented when this user wishes to access this first service via his communication equipment 4.
  • control device 1 is distributed in the communication equipment 4 and in another communication equipment 13 providing an intermediate service (for example a web service).
  • the communication equipment 4 can ensure the man/machine interface towards this intermediate service which is responsible for carrying out all the operations allowing access to the first service.
  • a control method according to the invention comprises a step 100-140 which can be implemented at least partially by a control device 1 according to the invention or else by a dedicated computer program executed on at least one piece of equipment to processor(s) or at least one computer.
  • This dedicated computer program includes instructions for executing the steps of the control method and can be downloaded from a communication network and/or recorded on a computer-readable medium and/or executable by at least one processor (or a unit processing) of equipment (here at least the communication equipment 4).
  • the aforementioned step 100-140 first of all comprises a sub-step 100 in which the user accesses, by means of his communication equipment 4 (and via the optional communication equipment 13), a second service which is responsible for generating cryptographic key pairs.
  • the aforementioned step 100-140 then comprises a sub-step 110 in which the user uses this second service to connect to a first communication device 5 which belongs to an identity provider, in order to be authenticated.
  • this first communication device 5 can be a server, accessible via the communication network 2.
  • the authentication of the user can be done conventionally by providing the latter with his identifier (or "login”) and/or his password (or "password”), for example.
  • the step 100-140 then comprises a sub-step 120 in which the first communication equipment 5 provides the user, via the second service, with a user identifier (or "subject identify"), which identifies it in a unique and stable way over time.
  • a user identifier or "subject identify”
  • Step 100-140 then includes a sub-step 130 in which the second service uses the user identifier (provided in sub-step 120) to generate a pair of cryptographic keys which it transmits to the user ( and more precisely to its communication equipment 4).
  • Step 100-140 finally includes a sub-step 140 in which the user uses (by means of his communication equipment 4 and via a node 3-1) the pair of cryptographic keys (generated in sub-step 130) in order to access the first service to use the blockchain.
  • the first communication device 5 can connect to a second communication device 6 responsible for carrying out the authentication.
  • the identity provider delegates user authentication to an external company (public or private) which is authorized (or entitled) to do so and which owns the second communication equipment 6.
  • this second equipment communication device 6 can be a server accessible via a communication network 14.
  • the delegation of authentication to an external company requires that the first communication device 5 has an application programming interface (or API ("Application Programming Interface")) which is for example "OpenId Connect" compatible.
  • one can begin by initializing a cryptographic random generator with secret information (or a secret) and the user id in order to get a random one. Then, we (the second service) can generate the pair of cryptographic keys from this random obtained.
  • This particular method of generating cryptographic keys makes it possible to advantageously guarantee that the latter are deterministic, and therefore that the keys are the same each time for a user and the same certificate (possibility of carrying out certain cryptographic operations because the keys are not ephemera).
  • the cryptographic random generator can be of the chacha20 type. It is recalled that chacha20 uses both a key and a nonce.
  • the aforementioned key can be a common key (i.e. used for all users), and the nonce can be derived from the data of the user by the compression process (as for the secret that we compress (for example with sha256)).
  • cryptographic random generator can be used, including HC-128, Rabbit, Salsa20/12, SOSEMANUK and Trivium.
  • step 100-140 when the secret information (or secret) has a size which is greater than a predefined size on (the second service) can compress this secret information so that it has this predefined size.
  • this secret information is the compressed secret information which is used to initialize the cryptographic random generator.
  • one can compress the secret information using a cryptographic hash function.
  • this cryptographic hash function can be SHA256, BLAKE-256, Keccak, Whirlpool, or MD6.
  • the cryptographic keys can be of the Secp256k1 type, for example.
  • the blockchain is private, as is for example the case of Hyperledger Fabric, the access of the user to the first service requires the provision by this user of a pair of cryptographic keys, whose l 'une is a certificate representative of a public key certified in sub-step 130.
  • the cryptographic keys can be of the P-256 type, for example.
  • the public key must be certified by a certification authority (or MSP (Membership Service Provider)). Consequently, to create a communication network 2 carrying the chain of blocks, one must have at least one certification authority (or MSP) using within this communication network 2 a membership system based on x.509 certificates and the elliptical curve P-256, such as "Fabric-CA", and an administrator account of this certification authority (or MSP) which is used to register users. It will be noted that it is the first communication device 5 which makes a request to an API of the MSP (for example Fabric-CA) to obtain the certificate, from the public key for the user.
  • MSP Membership Service Provider
  • the first communication equipment 5 does another request to the MSP API (e.g. Fabric-CA) to generate a certificate for the user.
  • the first communication equipment 5 then returns to the user's communication equipment 4 the two cryptographic keys, one of which is the certificate (which contains the certified public key)), for example encoded in PEM ("Privacy Enhanced Email”).
  • PEM Primary Enhanced Email
  • the second service used must be constant in its generation algorithm and over time, in order to regenerate the same keys for the same user.
  • the control device 1 comprises at least one processing unit 7 and at least one memory 8 capable of carrying out the operations consisting, in the event of user access, via a node (here 3-1), of the second service , to control the use of this second service so that it connects to the first communication equipment 5 belonging to the identity provider in order to request the authentication of the user, and, in the event of authentication, that it provides a user identifier, which identifies the user in a unique and stable manner over time, then to trigger the use of this user identifier by the second service so that the latter generates a pair of cryptographic keys, then to controlling the provision of at least this pair to the first service for the user to access the latter.
  • a node here 3-1
  • the second service capable of carrying out the operations consisting, in the event of user access, via a node (here 3-1), of the second service , to control the use of this second service so that it connects to the first communication equipment 5 belonging to the identity provider in order to request the authentication of the user, and, in the
  • the processing unit 7 can, for example, be a processor, possibly a digital signal processor (or DSP (“Digital Signal Processor”)).
  • Memory 8 stores data files and computer program(s) whose instructions are intended to be executed by processing unit 7 (or processor).
  • This memory 8 can, for example, be of the RAM (“Random Access Memory”) type.
  • This processing unit 7 and this memory 8 are arranged to perform together the operations contributing in particular to the control of access to the first service.
  • the control device 1 is arranged in the form of a computer equipping the communication equipment 4 of the user and the communication equipment 13 (providing the intermediate service). But the control device 1 could be part of one or more computers ensuring at least one other function within the communication equipment 4 and/or the communication equipment 13.
  • the computer 1 can also comprise an input interface 9 for receiving at least the username/password of the user, the cryptographic keys to use them in calculations or processing, possibly after having formatted them and/or demodulated and/or amplified, in a manner known per se, by means of a digital signal processor 10.
  • this computer 1 can also comprise an output interface 11, in particular to provide requests and the identifier/password of the user to the second service and the cryptographic keys to the first service, and/or a mass memory 12.
  • the computer 1 can be made in the form of a combination of electrical or electronic circuits or components (or “hardware”), possibly micro-programmed or micro-wired, and software modules (or “software”).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
EP21845104.5A 2020-12-23 2021-12-23 Verfahren und vorrichtung zur steuerung des zugriffs auf einen dienst unter verwendung einer blockchain Active EP4268109B1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR2014097A FR3118226B1 (fr) 2020-12-23 2020-12-23 Procédé et dispositif de contrôle de l’accès à un service utilisant une chaîne de blocs
PCT/IB2021/062239 WO2022137192A1 (fr) 2020-12-23 2021-12-23 Procédé et dispositif de contrôle de l'accès à un service utilisant une chaîne de blocs

Publications (3)

Publication Number Publication Date
EP4268109A1 true EP4268109A1 (de) 2023-11-01
EP4268109B1 EP4268109B1 (de) 2025-10-29
EP4268109C0 EP4268109C0 (de) 2025-10-29

Family

ID=75438942

Family Applications (1)

Application Number Title Priority Date Filing Date
EP21845104.5A Active EP4268109B1 (de) 2020-12-23 2021-12-23 Verfahren und vorrichtung zur steuerung des zugriffs auf einen dienst unter verwendung einer blockchain

Country Status (4)

Country Link
EP (1) EP4268109B1 (de)
ES (1) ES3058980T3 (de)
FR (1) FR3118226B1 (de)
WO (1) WO2022137192A1 (de)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115580415B (zh) * 2022-12-12 2023-03-31 南方电网数字电网研究院有限公司 区块链中数据交互认证方法、装置与系统
CN116248342B (zh) * 2022-12-27 2025-12-30 中国联合网络通信集团有限公司 一种目的地访问方法、装置、服务器及存储介质
CN116233225B (zh) * 2022-12-27 2026-01-02 中国联合网络通信集团有限公司 一种位置信息确定方法、装置、服务器及存储介质

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11792181B2 (en) * 2018-03-27 2023-10-17 Workday, Inc. Digital credentials as guest check-in for physical building access
US10692086B2 (en) * 2018-05-07 2020-06-23 Accenture Global Solutions Limited Distributed ledger based identity and origins of supply chain application enabling financial inclusion and sustainability

Also Published As

Publication number Publication date
EP4268109B1 (de) 2025-10-29
EP4268109C0 (de) 2025-10-29
ES3058980T3 (en) 2026-03-16
FR3118226A1 (fr) 2022-06-24
FR3118226B1 (fr) 2023-02-24
WO2022137192A1 (fr) 2022-06-30

Similar Documents

Publication Publication Date Title
EP3506556B1 (de) Verfahren zum authentifizierten schlüsselaustausch durch eine blockchain
CN106850200B (zh) 一种使用基于区块链的数字货币的安全方法、系统及终端
EP2819052B1 (de) Verfahren und Server zur Bearbeitung einer Zugriffsanfrage von einem Endgerät auf eine IT-Ressource
EP2820795B1 (de) Verfahren zur verifizierung der identität eines benutzers eines kommunikationsterminal und dazugehörendes system
CN112989426B (zh) 授权认证方法及装置、资源访问令牌的获取方法
EP3506557A1 (de) Schlüsselaustauschmethode durch intelligenten vertrag, der über eine blockchain entwickelt wird
EP4268109B1 (de) Verfahren und vorrichtung zur steuerung des zugriffs auf einen dienst unter verwendung einer blockchain
US8924725B2 (en) Authenticated file handles for network file systems
EP2441207A1 (de) Kryptografisches verfahren für anonyme authentifizierung und separate identifizierung eines benutzers
FR2964812A1 (fr) Procede d'authentification pour l'acces a un site web
EP1400056B1 (de) Verfahren zur kryptographischen authentifizierung
WO2009056374A1 (fr) Procede d'authentification d'un utilisateur accedant a un serveur distant a partir d'un ordinateur
FR2975518A1 (fr) Procede de securisation d'une architecture d'authentification, dispositifs materiels et logiciels correspondants
EP3673633B1 (de) Verfahren zur authentifizierung eines benutzers mit einem authentifizierungsserver
EP4078893B1 (de) Verfahren und vorrichtung zur kontrolle des anonymen zugriffs auf eine kollaborative anonymisierungsplattform
CN102014136A (zh) 基于随机握手的p2p网络安全通信方法
Jin et al. BNRDT: when data transmission meets blockchain
EP3503500B1 (de) Verfahren zur erstellung einer fern-elektronischen signatur mit dem fido-protokoll
US20250272416A1 (en) Method and device for encrypting data
WO2025119852A1 (fr) Procédé génération d'un jeton d'authentification d'un terminal utilisateur auprès d'un réseau cœur reposant sur l'utilisation d'une chaine de blocs et procédé d'authentification du terminal utilisateur correspondant
FR3161085A1 (fr) Procédé et dispositif de communication sécurisé utilisant un identifiant dérivé de manière déterministe
HK40046034B (en) Authorization authentication method and device, resource access token acquisition method
FR3145074A1 (fr) Procédés de signature de données, de fourniture de données signées, terminal et serveur associés
FR2976753A1 (fr) Procede d'initiation d'une communication securisee entre deux systemes de communication
FR2836768A1 (fr) Procede et dispositif pour former une signature numerique

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20230717

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

INTG Intention to grant announced

Effective date: 20250411

GRAJ Information related to disapproval of communication of intention to grant by the applicant or resumption of examination proceedings by the epo deleted

Free format text: ORIGINAL CODE: EPIDOSDIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

INTC Intention to grant announced (deleted)
INTG Intention to grant announced

Effective date: 20250530

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE PATENT HAS BEEN GRANTED

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: CH

Ref legal event code: F10

Free format text: ST27 STATUS EVENT CODE: U-0-0-F10-F00 (AS PROVIDED BY THE NATIONAL OFFICE)

Effective date: 20251029

Ref country code: GB

Ref legal event code: FG4D

Free format text: NOT ENGLISH

RAP4 Party data changed (patent owner data changed or rights of a patent transferred)

Owner name: ALTEN

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602021041469

Country of ref document: DE

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

Free format text: LANGUAGE OF EP DOCUMENT: FRENCH

U01 Request for unitary effect filed

Effective date: 20251118

U07 Unitary effect registered

Designated state(s): AT BE BG DE DK EE FI FR IT LT LU LV MT NL PT RO SE SI

Effective date: 20251124

REG Reference to a national code

Ref country code: CH

Ref legal event code: U11

Free format text: ST27 STATUS EVENT CODE: U-0-0-U10-U11 (AS PROVIDED BY THE NATIONAL OFFICE)

Effective date: 20260107

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20251218

Year of fee payment: 5

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: AT

Payment date: 20260113

Year of fee payment: 5

U20 Renewal fee for the european patent with unitary effect paid

Year of fee payment: 5

Effective date: 20251223

REG Reference to a national code

Ref country code: ES

Ref legal event code: FG2A

Ref document number: 3058980

Country of ref document: ES

Kind code of ref document: T3

Effective date: 20260316

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: ES

Payment date: 20260119

Year of fee payment: 5

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20260129

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20251029

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20260129

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20260228

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: CH

Payment date: 20260107

Year of fee payment: 5

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20251029